Posts Tagged ‘dns’

The Advanced TCP/IP dialog allows you to configure settings related to DNS and WINS, and to specify multiple IP addresses and gateways. To open the Advanced TCP/IP Settings dialog, right-click the desired connection in the Network Connections folder and choose Properties to view the Properties dialog box of the selected connection. Now select Internet Protocol (TCP/IP) from the list and click the Properties button. This will open the Internet Protocol (TCP/IP) Properties dialog.

Next, click the Advanced button. This opens the Advanced TCP/IP Settings dialog, which has the four tabs described below:

IP Settings allows you to add more IP Addresses or to change the routing properties of the network card.

DNS allows you to set how the TCP/IP connection uses the DNS.

WINS allows you to set how the TCP/IP connection uses WINS for computers that can not access Active Directory.

Options allows you to set TCP/IP Filtering and specify which ports will be used for TCP/IP communication.

The IP Settings Tab:

The IP addresses box at the top allows you to assign additional IP Addresses to a single network card. This is useful if you are hosting multiple websites on the same web server and want to give each its own IP Address for example.

Click the Add button to add an IP Address and Subnet Mask. Click “Edit” to modify the currently selected item and “Remove” to delete the currently selected item from the list.

The Default gateways box in the middle comes into play if you want the network connection to use multiple default gateways. Click the Add button to add a Default gateway, and assign it a Metric value. A “metric value” is the cost of a specific route. Cost can reflect speed, reliability and number of hops. The route with the lowest metric value is used. So if you have two Default Gateways set up, one with a metric of 10 and the other with a metric of 20, then the one with 10 will get the first priority. Leaving the metric at automatic means that the route metric for this default gateway will be calculated automatically, and the fastest route will be chosen.

The Edit and Remove buttons in the Default gateways box do exactly the same as those in the IP addresses box.

At the bottom of the IP Settings tab you can set whether you want the Interface to have a specific metric or to be assigned one automatically. By default this option is checked. Uncheck it if you wish to input an Interface metric value of your choice.

The DNS Tab:

The “DNS server addresses, in order of use” box at the top of the DNS tab is used to list the IP Addresses of the DNS Servers that will be used for name resolution. These servers are ordered and used in priority, so if one server does not work then it will move to the next one down the list. To set the order of IP Addresses, select an IP Address and press the up and down buttons on the right-hand side.

It is important to keep in mind that TCP/IP will not move on to the next server if it fails to resolve the request. It will only move to the next server if the first server it tries is unavailable (perhaps down for maintenance or in the middle of a reboot).

“Append primary and connection specific DNS suffixes” and “Append parent suffixes of the primary DNS suffix” are enabled by default. These options are used for resolution of unqualified names.

The first option is used to resolve unqualified names using the parent domain. For example, if you had a computer name of test and a parent domain called trulymanaged.com it would resolve to test.trulymanaged.com. The query would fail if test.trulymanaged.com does not exist in the parent domain. The second option is used to resolve unqualified names using the parent-child domain hierarchy. A DNS query will move one step up the domain hierarchy if it fails at the current level. It will do this until it reaches the root of the hierarchy.

The textbox to the right of “DNS suffix for this connection” is used to explicitly set a DNS suffix that will override any other setting already specified for this connection.

“Register this connection’s addresses in DNS” will register all of this connection’s IP Addresses in DNS under the computer’s FQDN. “Use this connection’s DNS suffix in DNS registration” will register all IP Addresses for this connection in DNS under the parent domain.

The WINS Tab:

The WINS tab is used to specify WINS related settings such as the list of WINS servers to be used for NETBIOS name to IP resolution, the LMHOSTS file to be used as an alternate means of lookups and the NETBIOS settings for the network connection.

Use the “WINS addresses, in order of use” box at the top to add the WINS servers you want the system to use for IP to name resolution. Press the Add button and a small dialog box appears in which you enter the IP Address of the WINS server. Use the Edit and Remove buttons to modify or delete a selected item respectively. If you have more than one WINS server in the list, press the up and down arrow buttons to adjust the priority of which servers will be queried first. If one server is not available then the next one down will be used, and so on.

Check the Enable LMHOSTS lookup checkbox so that if WINS cannot resolve a name then the local LMHOSTS file will be used. The LMHOSTS file can be found in \WINDOWS\system32\drivers\etc. It goes by the name of lmhosts.sam and can be modified in a text editor. Entries are placed at the bottom of the file and when used, the listed IP Addresses are matched against a specified host name. If you already have an LMHOSTS file defined on another machine on the network, use the Import LMHOSTS button to select this file and import it to the local machine.

The NETBIOS settings at the bottom allow you to explicitly define how NETBIOS will be used on the system. Choose Default if you want the DHCP server to assign the NETBIOS setting, Enable NETBIOS over TCP/IP if you use a static IP Address or the DHCP Server does not give NETBIOS settings, and Disable NETBIOS over TCP/IP if you do not use NETBIOS or WINS on your network.

The Options Tab (TCP/IP Filtering):

The Options tab allows you to configure TCP/IP Filtering settings; you can define which ports or protocols are permitted. Select the Permit Only radio button and use the Add button to add TCP/UDP port numbers or a protocol version to the respective list. If you permit traffic only from a defined set of ports, all other traffic will be dropped.

A nameserver is the program that actually does the work of looking up names. There are three main types of nameserver. A CACHING-ONLY nameserver does look-ups of names, but controls no name records itself. A PRIMARY nameserver not only does lookups of names, but also owns the records for a domain. A SECONDARY nameserver does name lookups, and it also backs up a primary nameserver by providing authoritative answers for a certain domain. Many nameservers will combine Primary and Secondary functionality for different domains.

What is Primary vs Secondary DNS?

The domain name space is divided into regions called zones. In order to maximize availability, the InterNIC (Internet’s Network Information Center) requires that every zone have both a primary and secondary DNS server.

We maintain two public nameservers, ns1 and ns2. When used for primary DNS, ns1 acts as the primary and ns2 as a secondary. You only need to submit a single request for primary DNS service to enable ns1 as your primary and ns2 as your secondary.

When used for secondary DNS, all of our name servers act as secondary nameservers that obtain data by way of zone transfers from the primary of your choice. You only need to submit a single request for secondary DNS service to enable our name servers as secondary name servers for your zone.

What is an MX record?

When a remote site on the internet wants to send someone at your domain an e-mail message, their mail server software looks up the hostname of the appropriate mail server to receive that mail. This type of record is referred to as an “MX,” “Mail Exchanger” or “Mail Relay” record. The response that the remote server gets tells it where to send the mail so that it will be relayed to you. When your site has received e-mail it is stored for you by your e-mail server. In order to retrieve your mail from the server you need to use an interface between your mail program and the mail server itself. This interface is usually a piece of software like POP (the Post Office Protocol) or IMAP. The hostname that you use to access the POP or IMAP server might be the same as your MX record, or it might be different. MX records are used to direct mail to specific locations. For example, if you had two hosts that work as mailhosts, you could identify them with MX records. More often, you create an MX record to tell others outside your domain (i.e. on the Internet) how to get mail to you.

The difference between forward (A) and reverse (PTR) records.

Forward records, or A records, are those which translate from machine names to IP addresses. These are the most commonly used records. A typical A record is constructed as follows:

eukhost.test.com. IN A 192.168.1.1

(this example shows an A record which correlates the machine name eukhost.test.com to the IP address 192.168.1.1)

Reverse records, or PTR records, are those which translate from IP addresses to machine names. They are typically used for security tests. The IP address of a machine is reversed, and then the suffix in-addr.arpa is appended. A typical PTR record is:

1.1.168.192.in-addr.arpa. IN PTR eukhost.test.com.

(this example shows a PTR record which correlates the IP address 192.168.1.1 to the machine name eukhost.test.com)
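The security test that PTR records usually support is a forward-confirmed reverse lookup: resolve the IP to a name, then check that the name resolves back to the same IP. The following is an added example, not part of the original post; the ZONE table, lookup(), reverse_name() and forward_confirmed() are hypothetical names, and the zone data is constructed so the check runs offline.

```python
import ipaddress

# Constructed zone data (assumption for this example); a real check
# would send these queries to a resolver instead of reading a dict.
ZONE = {
    ("1.1.168.192.in-addr.arpa.", "PTR"): ["eukhost.test.com."],
    ("eukhost.test.com.", "A"): ["192.168.1.1"],
    # Mismatch case: the PTR names a host whose A record is a different IP.
    ("7.1.168.192.in-addr.arpa.", "PTR"): ["mail.test.com."],
    ("mail.test.com.", "A"): ["192.168.1.25"],
}

def lookup(name, rtype):
    """Hypothetical resolver stub: return record data or an empty list."""
    return ZONE.get((name.lower(), rtype), [])

def reverse_name(ip):
    """Reverse the octets of an IPv4 address and append in-addr.arpa."""
    addr = str(ipaddress.IPv4Address(ip))  # raises ValueError on bad input
    return ".".join(reversed(addr.split("."))) + ".in-addr.arpa."

def forward_confirmed(ip, resolve=lookup):
    """Return the PTR names for ip whose A records point back to ip."""
    addr = str(ipaddress.IPv4Address(ip))
    confirmed = []
    for host in resolve(reverse_name(addr), "PTR"):
        if addr in resolve(host, "A"):
            confirmed.append(host)
    return confirmed
```

An empty result means either no PTR record exists or the name it claims does not map back to the address, so the reverse name should not be trusted on its own.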

The DNS “Time To Live” (TTL)

Each part of DNS information that may be cached separately has a time to live associated with it. Once this time expires, the cached information must be discarded and has to be obtained from an authoritative server again if it is needed. The TTL is not configured locally in the caching server but is set in the authoritative server and passed along with the information itself. This way the administrator of a domain can control how long it takes for any change to be known throughout the Internet.

What/Who is ICANN?

ICANN, which is short for the Internet Corporation for Assigned Names and Numbers, is a central authority in an essentially decentralized, neutral and ungoverned global network of networks. ICANN runs the addressing system, giving out blocks of unique identifiers to countries and private registries.
ICANN was created through a Memorandum of Understanding (MoU) between the U.S. Department of Commerce and ICANN to transition management of the Domain Name System (DNS) from the U.S. government to the global community.
The Internet Corporation for Assigned Names and Numbers is responsible for managing and coordinating the Domain Name System (DNS) to ensure that every address is unique and that all users of the Internet can find all valid addresses. It does this by overseeing the distribution of unique IP addresses and domain names. It also ensures that each domain name maps to the correct IP address.
ICANN is also responsible for accrediting the domain name registrars. “Accredit” means to identify and set minimum standards for the performance of registration functions, to recognize persons or entities meeting those standards, and to enter into an accreditation agreement that sets forth the rules and procedures applicable to the provision of Registrar Services.

What is Dynamic DNS?

Dynamic DNS allows machines with IP addresses that change to have permanent addresses on the internet. You can buy a domain name anywhere, and then point that domain name to your machine. Before dynamic DNS you had to have a fixed IP to run a web server. Now you can run a web server with a cable modem, DSL line or even on a dial up.

What is a CNAME? (Canonical Name Records)

CNAME records simply allow a machine to be known by more than one hostname. There must always be an A record for the machine before aliases can be added. The host name of a machine that is stated in an A record is called the canonical, or official name of the machine. Other records should point to the canonical name. Here is an example of a CNAME:

www.eukhost. IN CNAME scott.eukhost.com.

You can see the similarities to the previous record. Records always read from left to right, with the subject to be queried about on the left and the answer to the query on the right. A machine can have an unlimited number of CNAME aliases. A new record must be entered for each alias.

What are Start of authority (SOA) records?

The SOA record is the most crucial record in a DNS entry. It conveys more information than all the other records combined. This record is called the start of authority because it denotes the DNS entry as the official source of information for its domain.

Other records

There are many other types of DNS records. Some, like Host Information (HINFO) or Text (TXT), are informational for people only, listing facts about the domain and types of computers used that are not vital to the operation of DNS.

What is propagation?

Propagation is the time it takes all DNS servers and Internet Service Providers to update their DNS tables to reflect any new website locations. The rate at which this happens can vary among providers. New domain name registrations are usually live on the main root servers within 24 hours of registration completion. You may need to allow additional time for this information to trickle down to all the DNS Servers on the Internet. Transfers will take approximately 72 hours to be live in the root servers.

During propagation, your website may be viewable from one ISP, and not another. We suggest you wait 72 hours before announcing your new domain name to the world.

What is IP pointing?

IP Pointing allows you to forward your domain traffic to a specific IP address. A server is required at the designated address to use this forwarding method.

What is a lame delegation or lame response? How do I fix it?

You may see in your name server logs a message about a lame response or lame delegation. When performing recursion, the process of looking up a record from the DNS, a name server must generally query several servers, follow up on referrals, and go down the chain of authority to find the answer.
For each query, the recursing name server expects the other name server to be authoritative for a given zone. For example, the root servers are expected to be authoritative for the root zone. The root servers give out a referral for com, pointing to a set of servers; any such server is expected to be authoritative for com. The expected authority can be obtained either from a referral for that zone from a parent zone, or from the authority records returned by another authoritative name server for the zone.
If a query is answered in a way that indicates that the responder is not authoritative for the expected zone, the result is called lame. Since the response is almost always in the form of a referral (a delegation response) for either some zone higher up on the tree or for the expected zone itself, the response can be called a lame delegation or lame referral.
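The rule described above can be written as a small classifier over the fields a recursing server looks at. This is an added example, not part of the original post and not any name server's own code; the Response class, classify() and the helper functions are hypothetical, and the responses passed to it are simplified stand-ins for parsed DNS replies.

```python
from dataclasses import dataclass

def labels(name):
    """Split a domain name into lowercase labels; the root zone '.' is []."""
    return [part for part in name.lower().rstrip(".").split(".") if part]

def is_within(name, zone):
    """True if name equals zone or sits below it in the tree."""
    n, z = labels(name), labels(zone)
    return len(n) >= len(z) and n[len(n) - len(z):] == z

@dataclass
class Response:              # hypothetical, simplified view of a DNS reply
    aa: bool                 # Authoritative Answer flag from the header
    answers: int = 0         # number of records in the answer section
    referral_zone: str = ""  # owner name of NS records in the authority section

def classify(qname, expected_zone, resp):
    """Classify a reply from a server expected to serve expected_zone."""
    if resp.aa:
        return "authoritative"
    if resp.answers == 0 and resp.referral_zone:
        ref = resp.referral_zone
        deeper = (is_within(ref, expected_zone)
                  and labels(ref) != labels(expected_zone))
        if deeper and is_within(qname, ref):
            return "referral"  # normal step down the chain of authority
        return "lame"          # refers upward, sideways, or to the zone itself
    return "lame"              # not authoritative and no usable delegation
```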